Apparatus &amp; method for POS processing

ABSTRACT

An apparatus and method for configuring, altering, controlling, securing, and extending the processing capability and functionality of PCs and POS devices using a non-volatile memory device using software and data carried within the apparatus.

RELATED APPLICATION

This application claims the benefit of priority of U.S. provisionalapplication Ser. Nos. 60/579,997 filed Jun. 15, 2004 and 60/631,300,filed Nov. 24, 2004, which are relied on and incorporated herein byreference.

COPYRIGHT NOTICE

A portion of the disclosure of this patent document may containmaterial, which is subject to copyright protection. The copyright ownerhas no objection to the facsimile reproduction by anyone of the patentdocument or patent disclosure as it appears in the U.S. Patent andTrademark Office patent file or records, but otherwise reserves allcopyright rights whatsoever.

FIELD OF THE INVENTION

The present invention relates to an apparatus and method for enhancingthe functionality and security of point-of-sale terminals through theuse of a portable non-volatile memory device using software and datacarried within the device.

BACKGROUND OF THE INVENTION

In recent years, point-of-sale (POS) terminals and the software thatsupports POS business applications have become increasingly complex. New‘modular’ applications have been developed to capitalize on the new POSterminal capabilities and serve to increase the utility value of thepoint-of-sale terminal. Concurrently, the internet has provided anopportunity to increase the communication bandwidth to the POSterminals, again increasing the type of functionality and transactionsthat can be supported. However, the POS terminals themselves lack thecapacity to store large amounts of data and the business applicationsavailable to POS terminals are therefore limited.

The number of merchants, terminals and transactions is increasingannually. Along with these increases, there has been an increase infraud at the point-of-sale. Current methods fail to adequately preventconsumer and merchant fraud from occurring at the point-of-sale.Authenticating transactions originating from POS devices using securetokens, digital certificates and other unique merchant identifiers usedto control or limit individual user access and functionality are noteasily supported by conventional methods.

Also, the process of configuring the POS terminal to function inaccordance with the merchant's needs and approved transactions isbecoming increasingly complex and time consuming. One drawback toconventional methods for configuring POS devices is related to thecurrent method of downloading the POS business application programs (eg.restaurant, retail, lodging, mail order, petroleum) and themerchant-specific configuration attributes (eg. Bar-tabs, tips,merchant-id, terminal-id, American Express SE number). Current methodsrely on transferring (i.e. downloading) this information over dial orhigh-speed connections with a host-based system. The process is verytime consuming, error prone and therefore expensive.

Another drawback to conventional methods for introducing new products tothe market is related to the fact that the POS business applicationsmust first be certified by the credit card processors (such as VitalProcessing, Nova Information Systems, Global Payments, RBS Lynk, FirstData) in advance of commercial use. Certification must be completedseparately by each processor for each type of POS terminal and businessapplication prior to the device being approved for sale and support (asa ‘Class-A’ product). This certification process is generally manual innature, time consuming and expensive and often requires 6 to 12 monthsper each business application. Any single change such as a line ofsource code (or for example an additional module added) to a businessapplication requires that the certification process start over again.POS terminal manufacturers (i.e. Verifone, Hypercom, Ingenico, others)are therefore constrained in their ability to sell and distribute newPOS terminal models until the business applications are certified (andtherefore supported) by the major processors. This scenario createsfriction in the distribution channel as the manufacturers seek to gainmarket share with new innovative equipment because it requires them towait for each of the major processors (i.e. First Data, VitalProcessing, Global Payments, Nova Information Systems, RBS Lynk, others)to first certify the business applications.

Finally, because of the high cost of the device and the securityrequirements, the POS terminal industry is generally constrained to sellterminals and software only for use by approved merchants and they donot typically sell terminals directly to consumers for use at the homeor office.

The price of non-volatile (flash) memory is rapidly decreasing while thecapacity and available is increasing. The next generation of POS deviceswill support non-volatile, detachable flash memory from serial, USB, andother methods. In fact, POS manufacturers are in the very beginningstages of supporting USB devices on POS terminals and there are nocommercial uses of this technology today on POS devices. Computerprograms (i.e. Business Applications) can and should be developed toenhance the utility value, functionality and security of these nextgeneration POS devices. It will be difficult for the industry to embracethis new technology using current methods.

Therefore, a need exists for an apparatus and method that addressesthese shortcomings in the prior art by utilizing the new capabilitiesprovided through non-volatile, removable flash memory.

SUMMARY OF THE INVENTION

The present invention answers these needs by providing an apparatus andmethod for configuring, altering, controlling, securing, and extendingthe processing capability and functionality of POS devices using anon-volatile memory device using software and data carried within thedevice.

According to the present invention design, a portable housing isprovided with non-volatile memory inside. An interface is provided onthe housing for communication between the non-volatile memory and theRemovable Flash Enabled POS Device. Business software applications andconfiguration data are loaded into the non-volatile memory. The softwareapplications can be loaded into the non-volatile memory by the POSterminal manufacturer, the Independent Sales Organization (ISO), by apayment processing company, or by the Merchant via a CD-ROM, theInternet, or other suitable means.

Because the software ‘business applications’ and configuration data‘merchant specific attributes’ reside (either fully or partially) on theremovable storage device (non-volatile memory) and not on fully on thePOS terminal (current industry standard), the present invention may beused to configure and inter-operate with multiple POS devices.

It is thus an advantage of the present invention to provide an apparatusand method for quickly configuring, enhancing, controlling, securing, orextending the functionality of a Removable Flash Enabled POS Devicewithout time-consuming and expensive software modifications orhost-based download processes. To this end, the present invention ishighly portable, operates independently of any particular POS terminal,and is compatible with a wide variety of POS terminal devices.

Embodiments of the present invention are described below by way ofillustration. Other approaches to implementing the present invention andvariations of the described embodiments may be constructed by a skilledpractitioner and are considered within the scope of the presentinvention.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is an overview of the primary components which would be requiredto support all of the invention embodiments. Components include: (1)Removable-Flash Enabled POS Device; (2) Removable Flash Memory; (3)Dial-up, Wireless, or High-speed internet connection to Host Processor;(4) Host Processor; (5) Cable; (6) File Server; (7) Personal Computer.

FIG. 2 is an overview of the basic required components which would berequired to support a limited set of the invention embodiments.Components include: (1) Removable Flash Enabled POS Device; (2)Removable Flash Memory.

DETAILED DESCRIPTION OF THE INVENTION

An embodiment of the invention allows for the secure storage of anypersistent data (data of a permanent nature until changed or deleted)onto [FIG. 1: Removable Flash Memory]. This persistent data may berelated to POS terminal configuration and, or transaction data. Thisdata volume currently exceeds the storage capacity of the POS device[FIG. 1: Removable Flash Enabled POS Device] and therefore limits theutility value and overall functionality of the device to the merchant.

An embodiment of the invention allows for the tracking of cardholder andrelated customer transaction activity on the [FIG. 2: Removable FlashMemory] for the purpose of gift and loyalty program tracking without theneed for an online, host-based connection.

An embodiment of the invention allows for the storage of known lost,stolen or fraudulent credit card and debit card numbers on the [FIG. 2:Removable Flash Memory], to prevent the use of these cards for POStransactions without the need for a host-based online connection (or inan offline mode). In connection with this embodiment, merchant-specific,employee-specific or location-specific fraud rules and limits may bedefined and enforced without the need for an online connection to ahost.

An embodiment of the invention allows for the immediate configuration ofa new or re-configuration of a POS terminal device shown in [FIG.2—Removable Flash Enabled POS Device] using data and programs stored onthe [FIG. 2: Removable Flash Memory] without the need to dial, downloador connect the POS terminal with a central, host-based configurationprocess.

An embodiment of the invention allows for the storage of dailytransaction totals on the [FIG. 1: Removable Flash Memory] for internalcontrol, balancing, and reconcilement purposes using the [FIG. 1: PC orFIG. 1: File Server].

An embodiment of the invention allows for the secure storage of dailytransactions (or batches of transactions) on the [FIG. 1: RemovableFlash Memory] for the subsequent submission or ‘uploading’ to ahost-based authorization system [FIG. 1: Host] and, or a local PC-basedreporting process as shown in [FIG. 1: Personal Computer] or [FIG. 1:File Server].

An embodiment of the invention allows for the creation of authorizedusers and passwords for the merchant-specific POS device and wouldtherefore require the [FIG. 1: Removable Flash Memory] to be connectedto the POS device [FIG. 1: Removable Flash Enabled POS Device] prior touse and during use. This embodiment will also serve to control thefunctionality of the device [FIG. 1: Removable Flash Enabled POS Device]for specific users and therefore act as a ‘key’ to this POS device.

An embodiment of the invention allows for protection of files and datastored on the POS device [FIG. 1: Removable Flash Enabled POS Device] orthe removable storage device [FIG. 1: Removable Flash Memory] throughthe use of an encryption method which is compliant with current paymentindustry security standards set by Visa (i.e. CISP), MasterCard, andAmerican Express.

An embodiment of the invention allows for the merchant-specificconfiguration of a POS device [FIG. 1: Removable Flash Enabled POSDevice] to be backed up onto [FIG. 1: Removable Flash Memory] andrestored onto another identical POS device.

An embodiment of the invention allows for an independent audit orsampling of POS transactions from [FIG. 1: Removable Flash Enabled POSDevice] onto [FIG. 1: Removable Flash Memory] for use by internal orexternal auditors as part of Sarbanes Oxley or related internal controlrequirements.

An embodiment of the invention provides a mechanism for capturingsignatures and receipts from the POS device [FIG. 1: Removable FlashEnabled POS Device] onto [FIG. 1: Removable Flash Memory] which can belater transferred to [FIG. 1: Personal Computer] or [FIG. 1: FileServer] and used for customer service, charge-back research and otherrelated value-add purposes.

An embodiment of the invention provides a mechanism for capturing checkimages and check data from [FIG. 1: Removable Flash Enabled POS Device]and storing this information onto [FIG. 1: Removable Flash Memory]formatted in compliance with Check21 and, or NACHA's ARC requirements.This data can subsequently be transferred to [FIG. 1: Personal Computer]or [FIG. 1: File Server] or [FIG. 1: Host] and used for financialtransaction fulfillment, clearing other related purposes.

An embodiment of the invention provides a mechanism for storing andretrieving HTML and similar presentation content on the [FIG. 1:Removable Flash Memory] as required to format screens on [FIG. 1:Removable Flash Enabled POS Device].

An embodiment of the invention provides a means to store onto the [FIG.1: Removable Flash Memory] and display marketing presentations such asflash or video presentations on the screen of the POS device [FIG. 1:Removable Flash Enabled POS Device].

An embodiment of the invention provides a means to conduct customersurveys on [FIG. 1: Removable Flash Enabled POS Device] and collect andstore survey results on [FIG. 1: Removable Flash Memory]. This data cansubsequently be transferred to [FIG. 1: Personal Computer] or [FIG. 1:File Server] or [FIG. 1: Host] and used for customer service otherrelated purposes.

An embodiment of the invention provides a means of storing productcatalogs, inventory levels and pricing on [FIG. 1: Removable FlashMemory] or [FIG. 2: Removable Flash Memory] to allow customers to shopat the POS terminal [FIG. 2: Removable Flash Enabled POS Device] whilein an offline mode. This inventory data can subsequently be transferredto [FIG. 1: Personal Computer] or [FIG. 1: File Server] or [FIG. 1:Host] and used for updating central inventory, re-order and otherrelated purposes.

An embodiment of the invention allows for local “stand-in” processingusing data, logic and rules contained within the [FIG. 2: RemovableFlash Memory] to authorize transactions when the host is down in lieu of(or in addition to) traditional voice authorizations. In connection withthis embodiment, the locally authorized transactions would be uploadedto the host [FIG. 1: Host Processor] automatically whenever the onlineconnection is restored.

An embodiment of the present invention provides a means of storing onto[FIG. 1: Removable Flash Memory] and dispensing coupons from [FIG. 1:Removable Flash Enabled POS Device] to customers in order to encouragerepeat sales and to calculate discounts on sale items for qualifyingcustomers.

An embodiment of the invention allows for music and games to be storedon to [FIG. 1: Removable Flash Memory] and played through the POS device[FIG. 1: Removable Flash Enabled POS Device].

An embodiment of the invention allows for the configuration of a virtualprivate network (VPN) or similar secure network over the [FIG. 1:Dial-up, Wireless or High-speed Internet connection to Host] tofacilitate authentication to the network's processor [FIG. 1: HostProcessor]. This embodiment also supports other advanced securitymechanisms which otherwise would not be supportable by the POS device.In connection with this embodiment, a secure token, digital certificate,encryption key or other unique identifier is permanently stored on thenon-volatile memory device [FIG. 1: Removable Flash Memory] and releasedto the payment network to authenticate each session and, or transaction.

An embodiment of the invention facilitates the transfer (such asdownloading from the internet or a wireless network) of large files(such as but not limited to: inventory levels, pricing, negative cardfiles, bin tables, music, games, marketing presentations, etc.) throughthe connection POS device [FIG. 1: Removable Flash Enabled POS Device]over high-speed connections [FIG. 1: Dial-up, Wireless, or High-speedinternet connection to Host Processor] and stored directly onto [FIG. 1:Removable Flash Memory].

An embodiment of the current invention would allow the POS device toroute payment or non-payment transactions based on bin tables (andrelated rules) that are stored on the removable device. In connectionwith this embodiment, these bin tables would be updated periodicallythought a connection such as [FIG. 1: Dial-up, Wireless, or High-speedinternet connection to Host Processor] or via CD ROM.

An embodiment of the invention integrates a Personal Computer with a POSdevice for merchant or home users. Connectivity would be provided to thenon-volatile flash memory [FIG. 1: Removable Flash Memory] to create aninteroperable application that fully leverages the capabilities of thePC [FIG. 1: PC]. In connection with this embodiment, a merchant orconsumer will be able to initiate a card-centric (swipe and signature/orpin-based) financial transaction from their home or business using the[FIG. 1: Removable Flash Memory] and without the need for a separate POSdevice. This embodiment also creates a potentially huge new market foraccepting secure payment transactions from millions of existing andfuture PCs.

An embodiment of the invention would allow consumer credit card,pre-paid card, gift card, and other related personal account informationto be securely stored on a consumer's personal non-volatile memorydevice (such as a USB flash memory device) [FIG. 1: Removable USB FlashMemory] and accessed by the POS terminal [FIG. 1: Removable FlashEnabled POS Device] when inserted into the POS terminal or via RFID.This embodiment would therefore replace the need for the consumer toprovide a magnetic-stripe, smart-card or other card-centric paymentdevice.

Having thus described the invention in detail, it should be apparentthat various modifications and changes may be made without departingfrom the spirit and scope of the present invention. Consequently, theseand other modifications are contemplated to be within the spirit andscope of the following claims.

1. An apparatus for extending the capabilities of a POS Deviceincluding: a. a portable housing; b. non-volatile memory within thehousing; c. an interface on the housing for communication between thenon-volatile memory and the POS device; and d. a software application inthe non-volatile memory comprising a series of programs designed toperform specific functions; e. a data repository in the non-volatilememory to store all required data to support software functions.
 2. Anapparatus for extending the capabilities of a PC including: a. aportable housing; b. non-volatile memory within the housing; c. aninterface on the housing for communication between the non-volatilememory and the PC; and d. a software application in the non-volatilememory comprising a series of programs designed to perform specificfunctions; e. a data repository in the non-volatile memory to store allrequired data to support software functions.
 3. An apparatus as definedin claim 1, wherein the interface is a universal serial bus connector.4. An apparatus as defined in claim 2, wherein the interface is auniversal serial bus connector.
 5. An apparatus as defined in claim 1,wherein the interface is other than a universal serial bus connector. 6.An apparatus as defined in claim 2, wherein the interface is other thana universal serial bus connector.
 7. A method for the apparatuses asdefined in claims 1 and 2, wherein the business applications may beexecuted directly from the non-volatile memory.
 8. A method for theapparatuses as defined in claims 1 and 2, wherein the business softwarecan be configured to function based on the needs and profile of aspecific merchant, including: a. Security and access control b. Fraudprevention c. Gift and Loyalty d. Bin-based transaction routing e. Checkcapture and storage f. Signature capture and storage g. Inventory h.Pricing i. Marketing j. Entertainment k. Balancing l. Reporting
 9. Amethod for the apparatuses as defined in claims 1 and 2, wherein thebusiness software can be configured (without a connection with a hostbased system) to function based on the needs and profile of a specificmerchant, including: a. Restaurant b. Retail c. Lodging d. Petroleum e.Mail Order
 10. A method for the apparatuses as defined in claims 1 and2, that can function as a portable configuration mechanism for a PC orPOS device—to setup the device in accordance with a merchant's paymentprocessing requirements.
 11. A method for the apparatus as defined inclaim 1, that can backup data and programs stored on a POS device basedon the needs of the merchant.
 12. A method for the apparatus as definedin claim 1, that can restore backed-up data and programs onto a POSdevice based on the needs of the merchant.
 13. An apparatuses as definedin claims 1 and 2, that can serve as a key which will serve to unlockthe PC or POS device when connected and lock the device whenunconnected.
 14. A method for the apparatuses as further defined inclaim 13, that can serve as an access control mechanism to authenticateapproved users when initially connected based on a combination ofinformation stored and released from the apparatuses in combination withsecret information that is entered by the user.
 15. A method for theapparatuses as defined in claim 13, that can serve as an operationalcontrol mechanism to limit the functions that can be performed byauthenticated users based on each approved user's profile that is storedand retrieved from the appartuses.
 16. A method for the apparatuses asdefined in claim 13, that can store and release security related datathat will serve to authenticate the communication session between a POSdevice or PC and a host payment processor.
 17. A method for theapparatuses as defined in claim 16, that can store and release data thatwill serve to authenticate each transaction with a host paymentprocessor.
 18. A method for the apparatus as defined in claim 1, thatcan store and release data that will serve to control the display screenof the POS device, including: a. HTML, b. Flash, c. and other similarformatting languages.
 19. A method for the apparatus as defined in claim1, that can store and release pre-recorded marketing or training contentthat will be displayed on screen of the POS device, including: a. Flashb. Video c. Quicktime d. Other media formats
 20. A method for theapparatus as defined in claim 1, that can store and play music and videogames on the POS device.
 21. A method for the apparatus as defined inclaim 1, that can read and process data obtained from a non-volatilememory device supplied by a consumer such as: gift, pre-paid, orcredit/debit account numbers.
 22. A method for the apparatus as definedin claim 1, that can route payment transactions and related payment databased on information stored in the apparatus.
 23. A method for theapparatus as defined in claim 1, that can store, read and update productand inventory information without being connected to a host-basedprocess.
 24. A method for the apparatus as defined in claim 1, that canread a file containing lost, stolen, or fraudulent and cancelled giftcard, credit card, and debit card numbers and prevent the use of thesecards without being connected to a host-based process.
 25. A method forthe apparatuses as defined in claims 1 and 2, that can authorize andstore payment transactions without being connected to a host-basedprocess and later upload these transactions to a host upon connection.